Cork Protocol Faces $12 Million Loss from Smart Contract Exploit
The Cork Protocol, a DeFi platform, experienced a smart contract exploit resulting in the theft of $12 million in wrapped staked ether (wstETH).
- Blockchain security monitor Cyvers reported the incident, indicating the malicious contract was likely funded by a service provider's wallet.
- The stolen wstETH was quickly swapped for ETH.
- Cork Protocol had received investments from a16z crypto and OrangeDAO in September 2024.
- The platform confirmed the security incident affected the wstETH:weETH market at 11:23 UTC.
- Cork has paused all other markets and is investigating the root cause.
- Debaub identified that the attacker might have exploited a smart contract issue by issuing fake tokens.